lumma | 2df16a6c26717aacf45dd7c286060760215cd31231ea4686d78d4ce0bbfe0062 | Triage

Sharing

General

Target

2df16a6c26717aacf45dd7c286060760215cd31231ea4686d78d4ce0bbfe0062
Size

295KB
MD5

08bdc60ae2097e1f81da38a6cc106516
SHA1

b094d461b020c499d341a2e954e6108eb630dd14
SHA256

2df16a6c26717aacf45dd7c286060760215cd31231ea4686d78d4ce0bbfe0062
SHA512

0abbc299be1248a5096b1b5d15ee0363eedff4dbccbafcc24ae51dce72a0d8feaa459fdbca1adfd3fa13e9c9d143a02b5c1ddbacd1d8840b4e2e84c7d7dcfb16
SSDEEP

6144:SkK6W/39Y4zbD5ozoOxMEpgSVumtLoYgXCuVy1w5XTgLU:RWf9Y4zbNUcQbBgXhVy1w5XML

Score

10^/10

stealer lumma

Malware Config

Extracted

Family

lumma

Signatures

Lumma family
lumma

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2df16a6c26717aacf45dd7c286060760215cd31231ea4686d78d4ce0bbfe0062

Files

2df16a6c26717aacf45dd7c286060760215cd31231ea4686d78d4ce0bbfe0062
.exe windows:6 windows x86 arch:x86

f12ef0517c38c05cea3130091585ea2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
ExitProcess
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
GetLogicalDrives
GetSystemDirectoryW
GlobalLock
GlobalUnlock

shell32

SHEmptyRecycleBinW
SHGetFileInfoW
SHGetSpecialFolderPathW

user32

CloseClipboard
GetClipboardData
GetDC
GetForegroundWindow
GetSystemMetrics
GetWindowLongW
OpenClipboard
ReleaseDC

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetCurrentObject
GetDIBits
GetObjectW
GetPixel
SelectObject
StretchBlt

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ